diff --git a/.github/workflows/build_image.yaml b/.github/workflows/build_image.yaml
new file mode 100644
index 0000000..a844e68
--- /dev/null
+++ b/.github/workflows/build_image.yaml
@@ -0,0 +1,37 @@
+name: Build and upload docker images
+
+on:
+  push:
+    branches:
+      - '**'
+
+permissions:
+  id-token: write   # for JWT request
+  contents: read    # for actions/checkout
+
+jobs:
+  docker-image-build:
+    name: docker-image-build
+    runs-on: ubuntu-latest
+    environment: preprod
+    steps:
+      - name: Checkout repo
+        uses: actions/checkout@v4.1.7
+      - name: Configure AWS Credentials
+        uses: aws-actions/configure-aws-credentials@v4.0.2
+        with:
+          role-to-assume: ${{ vars.AWS_ROLE_TO_ASSUME }}
+          aws-region: eu-west-2
+          role-session-name: github-aws-access
+      - name: Login to Amazon ECR
+        id: login-ecr
+        uses: aws-actions/amazon-ecr-login@v2.0.1
+      - name: Build service-token-cache, tag, and push docker image to Amazon ECR
+        env:
+          REGISTRY: ${{ steps.login-ecr.outputs.registry }}
+          REPOSITORY: "fb-service-token-cache"
+          IMAGE_TAG: ${{ github.sha }}
+        run: |
+          docker build -t ${{ env.REPOSITORY }}:${{ env.IMAGE_TAG }} .
+          docker tag ${{ env.REPOSITORY }}:${{ env.IMAGE_TAG }} ${{ env.REGISTRY }}/${{ env.REPOSITORY }}:${{ env.IMAGE_TAG }}
+          docker push ${{ env.REGISTRY }}/${{ env.REPOSITORY }}:${{ env.IMAGE_TAG }}